personal

Fear and Loathing in Las Vegas

I originally posted this at http://www.318.com/TechJournal

While attending DefCon, a hacking conference in Las Vegas, Three18 staff members learned of Ciscogate. Ciscogate revolves around the plight of Mike Lynn. He was a researcher for Internet Security Systems Inc (ISS) until he resigned last week after giving a speech at Black Hat, an Information Technology security conference in Las Vegas. Due to the presentation and the speech Lynn gave a suit was filed against him by ISS and Cisco.

Cisco hired people to go through the CDs given out by Black Hat containing all of the presentations and replace them with CDs absent the presentation. The first appearances of the case in the media were taken down, reportedly by Cisco. Cisco began to cover up the flaws Lynn exposed in their operating system, claiming that they were not as serious as Lynn had reported. In a bold move, Cisco also had Lynn slapped with a gag order and settled the case out of court with the stipulation that Lynn never talk of the vulnerabilities again.

The presentation exposes serious security vulnerabilities to the Cisco operating system. Theoretically it is possible to exploit this flaw in order to bring entire legs of the Internet dark. Due to the scale of the exploit and the anti-trust issues surrounding the case, the FBI and Justice Department are now investigating Lynn for criminal charges. If the flaws to Cisco’s operating system were not as serious as Lynn reported then why is the federal government involved?

We were amazed at the solidarity of the Hacker community around Lynn. A defense fund was started for him, copies of his speech were plastered across the Internet and shirts were printed overnight that read Ciscogate, the name given for the reported cover-up.

After returning home, Three18 worked hard at ensuring all of our clients’ routers were fully patched, which reportedly fixed the flaw Lynn uncovered. The point of Lynn’s disclosure of the seriousness of the vulnerabilities is to get System Administrators to patch their routers, which many of them might not have done otherwise.